Atomcms-edit/app/Http/Middleware/RadioApiKey.php

<?php

declare(strict_types=1);

namespace App\Http\Middleware;

use App\Models\RadioApiKey as RadioApiKeyModel;
use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;

class RadioApiKey
{
    public function handle(Request $request, Closure $next, string $permission = '*'): Response
    {
        $key = $request->bearerToken() ?? $request->query('api_key');

        if (empty($key)) {
            return response()->json([
                'error' => 'API key is verplicht. Gebruik Authorization: Bearer <key> of ?api_key=<key>',
            ], 401);
        }

        $apiKey = RadioApiKeyModel::active()->where('key', $key)->first();

        if (! $apiKey) {
            return response()->json([
                'error' => 'API key is ongeldig of verlopen',
            ], 401);
        }

        if (! $apiKey->isAllowedIp($request->ip())) {
            return response()->json([
                'error' => 'IP-adres niet toegestaan voor deze API key',
            ], 403);
        }

        if (! $apiKey->hasPermission($permission)) {
            return response()->json([
                'error' => 'Geen toestemming voor deze actie',
            ], 403);
        }

        $apiKey->touchLastUsed();

        $request->merge(['radio_api_key_id' => $apiKey->id]);

        return $next($request);
    }
}